Commit 56c7f0d13d for strongswan.org

commit 56c7f0d13dffcfebf4255470e375234144d28134
Author: Tobias Brunner <tobias@strongswan.org>
Date:   Wed Mar 25 10:17:46 2026 +0100

    tls-server: Prevent infinite loop if supported versions are too short

    If the extension doesn't contain a multiple of two bytes, the previous
    code would get stuck in an infinite loop as `remaining()` continued to
    return TRUE while `read_uint16()` failed to parse a value. Initiating
    several connections with such an extension allows a DoS attack as no
    threads would eventually be available to handle packets/events.

    Fixes: 7fbe2e27ecf6 ("tls-server: TLS 1.3 support for TLS server implementation")
    Fixes: CVE-2026-35328

diff --git a/src/libtls/tls_server.c b/src/libtls/tls_server.c
index 60fbcd2ea6..174d34b3b9 100644
--- a/src/libtls/tls_server.c
+++ b/src/libtls/tls_server.c
@@ -470,15 +470,12 @@ static status_t process_client_hello(private_tls_server_t *this,
 		bio_reader_t *client_versions;

 		client_versions = bio_reader_create(versions);
-		while (client_versions->remaining(client_versions))
+		while (client_versions->read_uint16(client_versions, &version))
 		{
-			if (client_versions->read_uint16(client_versions, &version))
+			if (this->tls->set_version(this->tls, version, version))
 			{
-				if (this->tls->set_version(this->tls, version, version))
-				{
-					this->client_version = version;
-					break;
-				}
+				this->client_version = version;
+				break;
 			}
 		}
 		client_versions->destroy(client_versions);